# Inspired by https://github.com/kube-vip/kube-vip/blob/v0.8.0/pkg/kubevip/config_generator.go#L103
apiVersion: v1
kind: Pod
metadata:
  name: kube-vip
  namespace: kube-system
  labels:
    addonmanager.kubernetes.io/mode: Reconcile
    k8s-app: kube-vip
spec:
  containers:
  - args:
    - manager
    env:
    - name: vip_arp
      value: {{ kube_vip_arp_enabled | string | to_json }}
    - name: port
      value: {{ kube_apiserver_port | string | to_json }}
    - name: vip_nodename
      value: {{ inventory_hostname }}
{% if kube_vip_interface %}
    - name: vip_interface
      value: {{ kube_vip_interface | string | to_json }}
{% endif %}
{% if kube_vip_services_interface %}
    - name: vip_servicesinterface
      value: {{ kube_vip_services_interface | string | to_json }}
{% endif %}
{% if kube_vip_cidr %}
    - name: vip_cidr
      value: {{ kube_vip_cidr | string | to_json }}
{% endif %}
{% if kube_vip_dns_mode %}
    - name: dns_mode
      value: {{ kube_vip_dns_mode | string | to_json }}
{% endif %}
{% if kube_vip_controlplane_enabled %}
    - name: cp_enable
      value: "true"
    - name: cp_namespace
      value: kube-system
    - name: vip_ddns
      value: {{ kube_vip_ddns_enabled | string | to_json }}
    - name: cp_detect
      value: {{ kube_vip_cp_detect | string | to_json }}
{% endif %}
{% if kube_vip_services_enabled %}
    - name: svc_enable
      value: "true"
{% endif %}
{% if kube_vip_svc_leasename %}
    - name: svc_leasename
      value: {{ kube_vip_svc_leasename | string | to_json }}
{% endif %}
{% if kube_vip_enableServicesElection %}
    - name: svc_election
      value: "true"
{% endif %}
{% if kube_vip_leader_election_enabled %}
    - name: vip_leaderelection
      value: "true"
    - name: vip_leasename
      value: {{ kube_vip_leasename | string | to_json }}
    - name: vip_leaseduration
      value: {{ kube_vip_leaseduration | string | to_json }}
    - name: vip_renewdeadline
      value: {{ kube_vip_renewdeadline | string | to_json }}
    - name: vip_retryperiod
      value: {{ kube_vip_retryperiod | string | to_json }}
{% endif %}
{% if kube_vip_enable_node_labeling %}
    - name: enable_node_labeling
      value: {{ kube_vip_enable_node_labeling | string | to_json }}
{% endif %}
{% if kube_vip_bgp_enabled %}
    - name: bgp_enable
      value: "true"
    - name: bgp_routerid
      value: {{ kube_vip_bgp_routerid | string | to_json }}
    - name: bgp_as
      value: {{ kube_vip_local_as | string | to_json }}
    - name: bgp_peeraddress
      value: {{ kube_vip_bgp_peeraddress | to_json }}
    - name: bgp_peerpass
      value: {{ kube_vip_bgp_peerpass | to_json }}
    - name: bgp_peeras
      value: {{ kube_vip_bgp_peeras | string | to_json }}
{% if kube_vip_bgppeers %}
    - name: bgp_peers
      value: {{ kube_vip_bgppeers | join(',')  | to_json }}
{% endif %}
{% endif %}
    - name: address
      value: {{ kube_vip_address | to_json }}
{% if kube_vip_lb_enable %}
    - name: lb_enable
      value: "true"
{% endif %}
{% if kube_vip_lb_fwdmethod %}
    - name: lb_fwdmethod
      value: {{ kube_vip_lb_fwdmethod | string | to_json }}
{% endif %}
    image: {{ kube_vip_image_repo }}:{{ kube_vip_image_tag }}
    imagePullPolicy: {{ k8s_image_pull_policy }}
    name: kube-vip
    resources: {}
{% if kube_vip_lb_fwdmethod == "masquerade" %}
    securityContext:
      privileged: true
{% else %}
    securityContext:
      capabilities:
        add:
        - NET_ADMIN
        - NET_RAW
{% endif %}
    volumeMounts:
    - mountPath: /etc/kubernetes/admin.conf
      name: kubeconfig
  hostAliases:
  - hostnames:
    - kubernetes
    ip: 127.0.0.1
  hostNetwork: true
  volumes:
  - hostPath:
      path: /etc/kubernetes/{{kube_vip_admin_conf}}
    name: kubeconfig
status: {}
